Daniel Tryba wrote:
Geoff Berrow <bl******@ckdog.co.uk> wrote:
>You have magic_quotes_gpc turned on in your PHP config. Turn it off.
Actually, don't.
Why?
The chap is probably a newbie. Best to play safe.
Please explain why you think magic_quotes_gpc would increase safety?
Unescaped special characters in a string can be used to send arbitrary
code to the server. This is dangerous in many ways; if exploited
correctly it can most definitely represent a security breach.
For example, if I know the string is used to run a command line process
with, say, something like:
exec("ls $dir", $dirlist, $error);
I can pass it a string that will do anything I want. You may think it is
limited to an "ls" command, but just see what happens if I send it a
string like this: " joe; touch myfile; cat ~/.bash_history; rm
~/.bash_history"
See, suddenly I have all sorts of control I shouldn't. Similar things
can be done with fields going to a database, by sending it a "';" to
end one SQL command and start sending others...
--
ph***********@libertydice.org | http://www.libertydice.org | remove "3d6" to e-mail
"No nation was ever ruined by trade, even seemingly the most disadvantageous." - Ben Franklin
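An added example, not code from the thread, showing why magic_quotes_gpc (which applies addslashes()-style escaping to request data) does not protect the exec() call discussed above, and what does: escapeshellarg() for shell arguments and bound parameters for SQL. The hostile inputs and the users table are constructed for the demonstration; it assumes the pdo_sqlite extension is available.

```php
<?php
// Constructed hostile inputs, modelled on the ones quoted in the thread.
$shellInput = 'joe; touch myfile';
$sqlInput   = "'; DROP TABLE users; --";

// What magic_quotes_gpc would have done to the input: only ' " \ and NUL
// receive a backslash. The semicolons that end the "ls" command are untouched,
// so this escaping is no defence for a shell command.
function magicQuoted(string $s): string {
    return addslashes($s);
}

// The unsafe construction from the post: the input is interpolated verbatim,
// so the shell sees several commands instead of one argument.
function unsafeLsCommand(string $dir): string {
    return "ls $dir";
}

// Safe construction: escapeshellarg() wraps the value in single quotes and
// escapes any embedded single quote, so the shell treats it as ONE argument.
function safeLsCommand(string $dir): string {
    return 'ls ' . escapeshellarg($dir);
}

// SQL: a bound parameter is never parsed as SQL, so the "';" trick from the
// post cannot terminate the statement; it is just a name that does not exist.
function lookupUser(PDO $db, string $name): array {
    $stmt = $db->prepare('SELECT id, name FROM users WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// In-memory SQLite database with one constructed row.
$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO users (name) VALUES ('joe')");

// Compare the three command strings: only the escapeshellarg() one is a
// single argument. Nothing here is executed; the strings are only displayed.
echo "after magic quotes     : ", magicQuoted($shellInput), "\n";
echo "unsafe command         : ", unsafeLsCommand($shellInput), "\n";
echo "escapeshellarg command : ", safeLsCommand($shellInput), "\n";

// The injection string finds no rows; the legitimate name finds the one row.
echo "rows for injection input: ", count(lookupUser($db, $sqlInput)), "\n";
echo "rows for 'joe'          : ", count(lookupUser($db, 'joe')), "\n";
```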